Category Archives: Uncategorized

A new tool lets parents

Leave a reply

A new tool lets parents mar classic films in the name of cleaning them up!

See this article by Gwendolyn Mariano
for CNET News.com: Trilogy Studios to offer home censor kit.

Software maker Trilogy Studios said it plans to release a home “censorware” product that will cut scenes and language from DVDs to create PG versions of R-rated movies.

The company, which launched a new Web site last week, said it plans to unveil its Movie Mask DVD player by the first quarter of 2002. The software works on PCs and Microsoft’s Xbox game console, telling the device to skip over specific frames in the film that portray violence, profanity or nudity. The company said the DVD remains unaffected, since the censorship instructions reside in the video playback device.

In addition to taking scenes out of a film, the software can be used to put more “wholesome” scenes in. While Movie Mask might cut the violent moments from the opening scene of Steven Spielberg’s World War II epic “Saving Private Ryan,” for example, it also lets parents add educational links to battle maps or a biography of Gen. Dwight D. Eisenhower.

“Choice is the main thing,” said Breck Rice, chief revenue officer for Trilogy Studios. Trilogy wanted to “share some of the great Hollywood movies with…children but wanted to show it at a level that they could handle a little better.”

A new e-mail tool that

Leave a reply

A new e-mail tool that allows Lotus Notes and Domino users to retract unread e-mails from a person’s inbox is most likely in violation of more than one of the U.K.’s surveillance and data protection laws.

See:
E-mail retraction tool breaking laws?,
by Wendy McAuliffe for ZDNet (UK).

The Office of the Information Commissioner has warned that the Demailer tool, announced by IBM/Lotus on Wednesday, could conflict with e-mail interception principles set out in the Regulation of Investigatory Powers Act 2000 (RIPA). The e-mail retraction utility is also in danger of infringing data processing guidelines contained within the Data Protection Act 1998, as the intended recipient will be unaware that an e-mail has been retrieved from their inbox.

“If the tool allows an individual to retrieve an e-mail from the server, that is not unreasonable,” said David Clancy, assistant commissioner to the information commissioner. “But if it allows someone to retrieve an e-mail from beyond the server, when the e-mail is waiting in the inbox, we would see this as interception, which also has potential data protection issues.”

The IBM/Lotus Demailer, developed by IT Simple, allows users of Lotus Domino Notes to retract e-mails within any organization, across any organization’s domains, within private Domino intranets, and from Domino customers and suppliers through the Internet. The tool is designed for the retrieval of e-mails sent in error, without the receiver being informed. E-mail retraction has been a feature of some systems for years, but recent legislation may mean that such a tool is no longer legitimate for business purposes.

Here’s a great account by

Leave a reply

Here’s a great account by Neil McAllister of one of the most exciting sessions of last week’s O’Reilly P2P and
Web Services Conference: Michael R. Macedonia, Ph.D.’s Network-Centric Warfare.

Peering Into The Future
The military contemplates
network-centric warfare

The term “cyber warfare” gets thrown around every
now and again. Most often, it comes attached to the
fanciful notion of some virtual battleground of the
near future, one where hackers are the foot soldiers,
worms and viruses are the tools and dominance
over the network is the ultimate military objective.
It’s an idea that owes more to Hollywood than to
reality, however. In truth, bullets, bombs and
control of all-too-real estate are likely to remain
central to warfare for a long time to come.

That’s not to say the US armed forces are letting the
fruits of the Internet Age simply drop from the vine
— far from it. The military is among the first
institutions to recognize the many contributions of
the computing industry to solving real-world
problems. So perhaps it shouldn’t have come as a
surprise when representatives of the armed forces
came looking for ideas among a decidedly
nonmilitary bunch: the geeks, hackers and
codeheads attending last week’s O’Reilly P2P and
Web Services Conference in Washington, DC.

Is it impolite to protect

Leave a reply

Is it impolite to protect yourself and warn others about security vulnerabilities without first waiting 30 days to see if they can be patched? Or the other way around?

Or as AnchorDesk Editorial Director Patrick Houston put it: “MS to hackers: Shhh, can’t we be a little more discreet?”

See the ZDNet article by Robert Lemos’ : MS group to oversee hack reports.

The latest announcement has already sparked controversy: Russ Cooper, a software security expert and editor of security mailing list “NTBugTraq,” published his own guidelines for an independent security group, called the Responsible Disclosure Forum. Cooper boycotted Microsoft’s conference largely because he distrusts the software giant’s motives.

For the most part, however, Cooper and Microsoft agree on the problems that fully disclosing software flaws can create.

“You either participate in the Responsible Disclosure Forum, or you’re a black hat bent on being malicious. End of story,” he wrote in the introduction to the guidelines. “Too much money, too many individuals and too much of the world’s communication rely on responsible disclosure for it to be continued to be seen as a discussion worth debating.”

The Microsoft-supported guidelines tentatively give software makers 30 days to patch their products after being informed of a flaw. They also require members to respond promptly to a report of a security hole and keep the original author advised of their progress.

“This is something we talked about 11 months ago (at a previous security conference) and we have some real traction now,” Microsoft’s Culp said.